In an effort to increase productivity, many employers allow their workers to conduct business related to the employer on their personal mobile devices. In some cases, employers also provide some of their employees with company-issued mobile devices. In either arrangement, an employer understands that a single device may include sensitive data related to that employer in addition to data that is personal to the employee. Several advances have been made in an effort to protect an employer's data in these circumstances. For example, OpenPeak Inc. of Boca Raton, Fla. has developed solutions that enable a mobile device to include both enterprise and personal data but that isolate the enterprise data from the personal data. As part of these solutions, an employee may download secure applications that may be used to conduct transactions related to the enterprise, but these secure applications may be prevented from exchanging data with conventional or non-secure applications.
These secure applications have typically been altered to enable management of the applications and for security purposes, a process sometimes referred to as “wrapping” or “adapting” the application. In certain cases, an application is wrapped by manipulating the binary of the application and inserting adaptive code in the application to enable the interception of calls to and from the application. This process can increase the functionality of the application and can make it secure, as described above.
In some cases, the secure applications may be designated for inclusion in a secure partition. Steps can be taken to encapsulate the internal communications of the secure applications in the secure partition, such as by creating an unpredictable namespace for these communications. Through namespace enforcement, a non-secure application is prevented from accessing data from or communicating with a secure application, even if the non-secure application is the same version as the secure application. Thus, there is a concerted effort to minimize the exposure of enterprise data to any non-secure programs of the user's mobile device. Even so, a sensitive balance must be reached to maximize the efficiency of the user's time and availability and the productivity of the secure applications on the mobile device.